News Room

Online Security: Authentication Beyond Passwords

As passwords become more sophisticated, so do hackers. Thieves are experts at stealing passwords, leaving your business and customers at serious risk. Eighty-one percent of hacking-related breaches leveraged stolen or weak passwords, and eight in 10 people are deeply worried about online security.

What is the best way to move beyond traditional passwords and keep data safe? Fortunately technology has advanced, providing new and more secure ways to keep hackers out of your systems.

Understanding the password problem

Passwords are an expensive problem, mostly because hackers have become more skillful at stealing passwords and exploiting that information to maximize their gains. For example, a hacker might steal the passwords of a company’s customers and then use those passwords to hack into multiple accounts — because the majority of people use one password for several different accounts. In fact, three out of four consumers duplicate passwords, many of which haven’t been changed for five years or longer.

Managing passwords is also costly for businesses. Microsoft spends more than $2 million fielding help desk calls each month to help people change passwords. Although your company may be smaller, the cost of managing traditional passwords is still high, and there are more advanced solutions available to minimize those costs.

The evolution of biometrics

Many people use biometrics without realizing it. For example, when you took out your smartphone this morning, you may have entered a password — but if your phone is a newer model, you likely used a fingerprint instead. This is biometrics at work.

With the above-described spike in cybercrime, this protective technology is becoming increasingly attractive to businesses. Customers and employees who use typical passwords face security concerns, but creating passwords that meet security standards isn’t always user-friendly. For each user, biometrics uses unique identifying data, such as a fingerprint — making it more difficult for hackers to access sensitive data.

Multifactor authentication

Multifactor authentication confirms identification of the user who provides at least two pieces of information. For example, users might provide some information they have, such as a password, and leverage something they possess, such as a cellphone

Take, for example, a person logging into a website. He must first furnish something known, such as, again, a password; then he must provide some information that has been sent to him, such as a code sent via text message.

One of the largest benefits of MFA is that it allows organizations to use advanced security options, such as a single sign-on, which makes things easier for users and harder for hackers. Once users have successfully signed on, they are admitted into all apps without needing to enter credentials multiple times.